2 * Copyright (C) 2011 Google Inc. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above
11 * copyright notice, this list of conditions and the following disclaimer
12 * in the documentation and/or other materials provided with the
14 * * Neither the name of Google Inc. nor the names of its
15 * contributors may be used to endorse or promote products derived from
16 * this software without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 #include "modules/websockets/WebSocket.h"
35 #include "bindings/v8/ExceptionState.h"
36 #include "bindings/v8/ScriptController.h"
37 #include "core/dom/Document.h"
38 #include "core/dom/ExceptionCode.h"
39 #include "core/dom/ExecutionContext.h"
40 #include "core/events/MessageEvent.h"
41 #include "core/fileapi/Blob.h"
42 #include "core/frame/ConsoleTypes.h"
43 #include "core/frame/LocalDOMWindow.h"
44 #include "core/frame/LocalFrame.h"
45 #include "core/frame/csp/ContentSecurityPolicy.h"
46 #include "core/inspector/ScriptCallStack.h"
47 #include "modules/websockets/CloseEvent.h"
48 #include "platform/Logging.h"
49 #include "platform/blob/BlobData.h"
50 #include "platform/heap/Handle.h"
51 #include "platform/weborigin/KnownPorts.h"
52 #include "platform/weborigin/SecurityOrigin.h"
53 #include "public/platform/Platform.h"
54 #include "wtf/ArrayBuffer.h"
55 #include "wtf/ArrayBufferView.h"
56 #include "wtf/Assertions.h"
57 #include "wtf/HashSet.h"
58 #include "wtf/PassOwnPtr.h"
59 #include "wtf/StdLibExtras.h"
60 #include "wtf/text/CString.h"
61 #include "wtf/text/StringBuilder.h"
62 #include "wtf/text/WTFString.h"
66 WebSocket::EventQueue::EventQueue(EventTarget* target)
69 , m_resumeTimer(this, &EventQueue::resumeTimerFired) { }
71 WebSocket::EventQueue::~EventQueue() { stop(); }
73 void WebSocket::EventQueue::dispatch(PassRefPtrWillBeRawPtr<Event> event)
77 ASSERT(m_events.isEmpty());
78 ASSERT(m_target->executionContext());
79 m_target->dispatchEvent(event);
82 m_events.append(event);
85 ASSERT(m_events.isEmpty());
91 bool WebSocket::EventQueue::isEmpty() const
93 return m_events.isEmpty();
96 void WebSocket::EventQueue::suspend()
99 if (m_state != Active)
105 void WebSocket::EventQueue::resume()
107 if (m_state != Suspended || m_resumeTimer.isActive())
110 m_resumeTimer.startOneShot(0, FROM_HERE);
113 void WebSocket::EventQueue::stop()
115 if (m_state == Stopped)
119 m_resumeTimer.stop();
123 void WebSocket::EventQueue::dispatchQueuedEvents()
125 if (m_state != Active)
128 RefPtrWillBeRawPtr<EventQueue> protect(this);
130 WillBeHeapDeque<RefPtrWillBeMember<Event> > events;
131 events.swap(m_events);
132 while (!events.isEmpty()) {
133 if (m_state == Stopped || m_state == Suspended)
135 ASSERT(m_state == Active);
136 ASSERT(m_target->executionContext());
137 m_target->dispatchEvent(events.takeFirst());
138 // |this| can be stopped here.
140 if (m_state == Suspended) {
141 while (!m_events.isEmpty())
142 events.append(m_events.takeFirst());
143 events.swap(m_events);
147 void WebSocket::EventQueue::resumeTimerFired(Timer<EventQueue>*)
149 ASSERT(m_state == Suspended);
151 dispatchQueuedEvents();
154 void WebSocket::EventQueue::trace(Visitor* visitor)
156 visitor->trace(m_events);
159 const size_t maxReasonSizeInBytes = 123;
161 static inline bool isValidSubprotocolCharacter(UChar character)
163 const UChar minimumProtocolCharacter = '!'; // U+0021.
164 const UChar maximumProtocolCharacter = '~'; // U+007E.
165 // Set to true if character does not matches "separators" ABNF defined in
166 // RFC2616. SP and HT are excluded since the range check excludes them.
167 bool isNotSeparator = character != '"' && character != '(' && character != ')' && character != ',' && character != '/'
168 && !(character >= ':' && character <= '@') // U+003A - U+0040 (':', ';', '<', '=', '>', '?', '@').
169 && !(character >= '[' && character <= ']') // U+005B - U+005D ('[', '\\', ']').
170 && character != '{' && character != '}';
171 return character >= minimumProtocolCharacter && character <= maximumProtocolCharacter && isNotSeparator;
174 bool WebSocket::isValidSubprotocolString(const String& protocol)
176 if (protocol.isEmpty())
178 for (size_t i = 0; i < protocol.length(); ++i) {
179 if (!isValidSubprotocolCharacter(protocol[i]))
185 static String encodeSubprotocolString(const String& protocol)
187 StringBuilder builder;
188 for (size_t i = 0; i < protocol.length(); i++) {
189 if (protocol[i] < 0x20 || protocol[i] > 0x7E)
190 builder.append(String::format("\\u%04X", protocol[i]));
191 else if (protocol[i] == 0x5c)
192 builder.append("\\\\");
194 builder.append(protocol[i]);
196 return builder.toString();
199 static String joinStrings(const Vector<String>& strings, const char* separator)
201 StringBuilder builder;
202 for (size_t i = 0; i < strings.size(); ++i) {
204 builder.append(separator);
205 builder.append(strings[i]);
207 return builder.toString();
210 static unsigned long saturateAdd(unsigned long a, unsigned long b)
212 if (std::numeric_limits<unsigned long>::max() - a < b)
213 return std::numeric_limits<unsigned long>::max();
217 static void setInvalidStateErrorForSendMethod(ExceptionState& exceptionState)
219 exceptionState.throwDOMException(InvalidStateError, "Still in CONNECTING state.");
222 const char* WebSocket::subprotocolSeperator()
227 WebSocket::WebSocket(ExecutionContext* context)
228 : ActiveDOMObject(context)
229 , m_state(CONNECTING)
230 , m_bufferedAmount(0)
231 , m_consumedBufferedAmount(0)
232 , m_bufferedAmountAfterClose(0)
233 , m_binaryType(BinaryTypeBlob)
236 , m_eventQueue(EventQueue::create(this))
237 , m_bufferedAmountConsumeTimer(this, &WebSocket::reflectBufferedAmountConsumption)
239 ScriptWrappable::init(this);
242 WebSocket::~WebSocket()
247 void WebSocket::logError(const String& message)
249 executionContext()->addConsoleMessage(JSMessageSource, ErrorMessageLevel, message);
252 PassRefPtrWillBeRawPtr<WebSocket> WebSocket::create(ExecutionContext* context, const String& url, ExceptionState& exceptionState)
254 Vector<String> protocols;
255 return create(context, url, protocols, exceptionState);
258 PassRefPtrWillBeRawPtr<WebSocket> WebSocket::create(ExecutionContext* context, const String& url, const Vector<String>& protocols, ExceptionState& exceptionState)
261 exceptionState.throwDOMException(SyntaxError, "Failed to create a WebSocket: the provided URL is invalid.");
265 RefPtrWillBeRawPtr<WebSocket> webSocket(adoptRefWillBeRefCountedGarbageCollected(new WebSocket(context)));
266 webSocket->suspendIfNeeded();
268 webSocket->connect(url, protocols, exceptionState);
269 if (exceptionState.hadException())
272 return webSocket.release();
275 PassRefPtrWillBeRawPtr<WebSocket> WebSocket::create(ExecutionContext* context, const String& url, const String& protocol, ExceptionState& exceptionState)
277 Vector<String> protocols;
278 protocols.append(protocol);
279 return create(context, url, protocols, exceptionState);
282 void WebSocket::connect(const String& url, const Vector<String>& protocols, ExceptionState& exceptionState)
284 WTF_LOG(Network, "WebSocket %p connect() url='%s'", this, url.utf8().data());
285 m_url = KURL(KURL(), url);
287 if (!m_url.isValid()) {
289 exceptionState.throwDOMException(SyntaxError, "The URL '" + url + "' is invalid.");
292 if (!m_url.protocolIs("ws") && !m_url.protocolIs("wss")) {
294 exceptionState.throwDOMException(SyntaxError, "The URL's scheme must be either 'ws' or 'wss'. '" + m_url.protocol() + "' is not allowed.");
298 if (m_url.hasFragmentIdentifier()) {
300 exceptionState.throwDOMException(SyntaxError, "The URL contains a fragment identifier ('" + m_url.fragmentIdentifier() + "'). Fragment identifiers are not allowed in WebSocket URLs.");
303 if (!portAllowed(m_url)) {
305 exceptionState.throwSecurityError("The port " + String::number(m_url.port()) + " is not allowed.");
309 // FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved.
310 bool shouldBypassMainWorldContentSecurityPolicy = false;
311 if (executionContext()->isDocument()) {
312 Document* document = toDocument(executionContext());
313 shouldBypassMainWorldContentSecurityPolicy = document->frame()->script().shouldBypassMainWorldContentSecurityPolicy();
315 if (!shouldBypassMainWorldContentSecurityPolicy && !executionContext()->contentSecurityPolicy()->allowConnectToSource(m_url)) {
317 // The URL is safe to expose to JavaScript, as this check happens synchronously before redirection.
318 exceptionState.throwSecurityError("Refused to connect to '" + m_url.elidedString() + "' because it violates the document's Content Security Policy.");
322 m_channel = createChannel(executionContext(), this);
324 for (size_t i = 0; i < protocols.size(); ++i) {
325 if (!isValidSubprotocolString(protocols[i])) {
327 exceptionState.throwDOMException(SyntaxError, "The subprotocol '" + encodeSubprotocolString(protocols[i]) + "' is invalid.");
332 HashSet<String> visited;
333 for (size_t i = 0; i < protocols.size(); ++i) {
334 if (!visited.add(protocols[i]).isNewEntry) {
336 exceptionState.throwDOMException(SyntaxError, "The subprotocol '" + encodeSubprotocolString(protocols[i]) + "' is duplicated.");
342 String protocolString;
343 if (!protocols.isEmpty())
344 protocolString = joinStrings(protocols, subprotocolSeperator());
346 if (!m_channel->connect(m_url, protocolString)) {
348 exceptionState.throwSecurityError("An insecure WebSocket connection may not be initiated from a page loaded over HTTPS.");
354 void WebSocket::handleSendResult(WebSocketChannel::SendResult result, ExceptionState& exceptionState, WebSocketSendType dataType)
357 case WebSocketChannel::InvalidMessage:
358 exceptionState.throwDOMException(SyntaxError, "The message contains invalid characters.");
360 case WebSocketChannel::SendFail:
361 logError("WebSocket send() failed.");
363 case WebSocketChannel::SendSuccess:
364 blink::Platform::current()->histogramEnumeration("WebCore.WebSocket.SendType", dataType, WebSocketSendTypeMax);
367 ASSERT_NOT_REACHED();
370 void WebSocket::updateBufferedAmountAfterClose(unsigned long payloadSize)
372 m_bufferedAmountAfterClose = saturateAdd(m_bufferedAmountAfterClose, payloadSize);
373 m_bufferedAmountAfterClose = saturateAdd(m_bufferedAmountAfterClose, getFramingOverhead(payloadSize));
375 logError("WebSocket is already in CLOSING or CLOSED state.");
378 void WebSocket::reflectBufferedAmountConsumption(Timer<WebSocket>*)
380 ASSERT(m_bufferedAmount >= m_consumedBufferedAmount);
381 WTF_LOG(Network, "WebSocket %p reflectBufferedAmountConsumption() %lu => %lu", this, m_bufferedAmount, m_bufferedAmount - m_consumedBufferedAmount);
383 m_bufferedAmount -= m_consumedBufferedAmount;
384 m_consumedBufferedAmount = 0;
387 void WebSocket::releaseChannel()
390 m_channel->disconnect();
394 void WebSocket::send(const String& message, ExceptionState& exceptionState)
396 WTF_LOG(Network, "WebSocket %p send() Sending String '%s'", this, message.utf8().data());
397 if (m_state == CONNECTING) {
398 setInvalidStateErrorForSendMethod(exceptionState);
401 // No exception is raised if the connection was once established but has subsequently been closed.
402 if (m_state == CLOSING || m_state == CLOSED) {
403 updateBufferedAmountAfterClose(message.utf8().length());
407 m_bufferedAmount += message.utf8().length();
408 handleSendResult(m_channel->send(message), exceptionState, WebSocketSendTypeString);
411 void WebSocket::send(ArrayBuffer* binaryData, ExceptionState& exceptionState)
413 WTF_LOG(Network, "WebSocket %p send() Sending ArrayBuffer %p", this, binaryData);
415 if (m_state == CONNECTING) {
416 setInvalidStateErrorForSendMethod(exceptionState);
419 if (m_state == CLOSING || m_state == CLOSED) {
420 updateBufferedAmountAfterClose(binaryData->byteLength());
424 m_bufferedAmount += binaryData->byteLength();
425 handleSendResult(m_channel->send(*binaryData, 0, binaryData->byteLength()), exceptionState, WebSocketSendTypeArrayBuffer);
428 void WebSocket::send(ArrayBufferView* arrayBufferView, ExceptionState& exceptionState)
430 WTF_LOG(Network, "WebSocket %p send() Sending ArrayBufferView %p", this, arrayBufferView);
431 ASSERT(arrayBufferView);
432 if (m_state == CONNECTING) {
433 setInvalidStateErrorForSendMethod(exceptionState);
436 if (m_state == CLOSING || m_state == CLOSED) {
437 updateBufferedAmountAfterClose(arrayBufferView->byteLength());
441 m_bufferedAmount += arrayBufferView->byteLength();
442 RefPtr<ArrayBuffer> arrayBuffer(arrayBufferView->buffer());
443 handleSendResult(m_channel->send(*arrayBuffer, arrayBufferView->byteOffset(), arrayBufferView->byteLength()), exceptionState, WebSocketSendTypeArrayBufferView);
446 void WebSocket::send(Blob* binaryData, ExceptionState& exceptionState)
448 WTF_LOG(Network, "WebSocket %p send() Sending Blob '%s'", this, binaryData->uuid().utf8().data());
450 if (m_state == CONNECTING) {
451 setInvalidStateErrorForSendMethod(exceptionState);
454 if (m_state == CLOSING || m_state == CLOSED) {
455 updateBufferedAmountAfterClose(static_cast<unsigned long>(binaryData->size()));
458 m_bufferedAmount += binaryData->size();
460 handleSendResult(m_channel->send(binaryData->blobDataHandle()), exceptionState, WebSocketSendTypeBlob);
463 void WebSocket::close(unsigned short code, const String& reason, ExceptionState& exceptionState)
465 closeInternal(code, reason, exceptionState);
468 void WebSocket::close(ExceptionState& exceptionState)
470 closeInternal(WebSocketChannel::CloseEventCodeNotSpecified, String(), exceptionState);
473 void WebSocket::close(unsigned short code, ExceptionState& exceptionState)
475 closeInternal(code, String(), exceptionState);
478 void WebSocket::closeInternal(int code, const String& reason, ExceptionState& exceptionState)
480 if (code == WebSocketChannel::CloseEventCodeNotSpecified) {
481 WTF_LOG(Network, "WebSocket %p close() without code and reason", this);
483 WTF_LOG(Network, "WebSocket %p close() code=%d reason='%s'", this, code, reason.utf8().data());
484 if (!(code == WebSocketChannel::CloseEventCodeNormalClosure || (WebSocketChannel::CloseEventCodeMinimumUserDefined <= code && code <= WebSocketChannel::CloseEventCodeMaximumUserDefined))) {
485 exceptionState.throwDOMException(InvalidAccessError, "The code must be either 1000, or between 3000 and 4999. " + String::number(code) + " is neither.");
488 CString utf8 = reason.utf8(StrictUTF8ConversionReplacingUnpairedSurrogatesWithFFFD);
489 if (utf8.length() > maxReasonSizeInBytes) {
490 exceptionState.throwDOMException(SyntaxError, "The message must not be greater than " + String::number(maxReasonSizeInBytes) + " bytes.");
495 if (m_state == CLOSING || m_state == CLOSED)
497 if (m_state == CONNECTING) {
499 m_channel->fail("WebSocket is closed before the connection is established.", WarningMessageLevel, String(), 0);
504 m_channel->close(code, reason);
507 const KURL& WebSocket::url() const
512 WebSocket::State WebSocket::readyState() const
517 unsigned long WebSocket::bufferedAmount() const
519 return saturateAdd(m_bufferedAmount, m_bufferedAmountAfterClose);
522 String WebSocket::protocol() const
524 return m_subprotocol;
527 String WebSocket::extensions() const
532 String WebSocket::binaryType() const
534 switch (m_binaryType) {
537 case BinaryTypeArrayBuffer:
538 return "arraybuffer";
540 ASSERT_NOT_REACHED();
544 void WebSocket::setBinaryType(const String& binaryType)
546 if (binaryType == "blob") {
547 m_binaryType = BinaryTypeBlob;
550 if (binaryType == "arraybuffer") {
551 m_binaryType = BinaryTypeArrayBuffer;
554 logError("'" + binaryType + "' is not a valid value for binaryType; binaryType remains unchanged.");
557 const AtomicString& WebSocket::interfaceName() const
559 return EventTargetNames::WebSocket;
562 ExecutionContext* WebSocket::executionContext() const
564 return ActiveDOMObject::executionContext();
567 void WebSocket::contextDestroyed()
569 WTF_LOG(Network, "WebSocket %p contextDestroyed()", this);
571 ASSERT(m_state == CLOSED);
572 ActiveDOMObject::contextDestroyed();
575 bool WebSocket::hasPendingActivity() const
577 return m_channel || !m_eventQueue->isEmpty();
580 void WebSocket::suspend()
583 m_channel->suspend();
584 m_eventQueue->suspend();
587 void WebSocket::resume()
591 m_eventQueue->resume();
594 void WebSocket::stop()
596 m_eventQueue->stop();
598 m_channel->close(WebSocketChannel::CloseEventCodeGoingAway, String());
604 void WebSocket::didConnect(const String& subprotocol, const String& extensions)
606 WTF_LOG(Network, "WebSocket %p didConnect()", this);
607 if (m_state != CONNECTING)
610 m_subprotocol = subprotocol;
611 m_extensions = extensions;
612 m_eventQueue->dispatch(Event::create(EventTypeNames::open));
615 void WebSocket::didReceiveMessage(const String& msg)
617 WTF_LOG(Network, "WebSocket %p didReceiveMessage() Text message '%s'", this, msg.utf8().data());
620 m_eventQueue->dispatch(MessageEvent::create(msg, SecurityOrigin::create(m_url)->toString()));
623 void WebSocket::didReceiveBinaryData(PassOwnPtr<Vector<char> > binaryData)
625 WTF_LOG(Network, "WebSocket %p didReceiveBinaryData() %lu byte binary message", this, static_cast<unsigned long>(binaryData->size()));
626 switch (m_binaryType) {
627 case BinaryTypeBlob: {
628 size_t size = binaryData->size();
629 RefPtr<RawData> rawData = RawData::create();
630 binaryData->swap(*rawData->mutableData());
631 OwnPtr<BlobData> blobData = BlobData::create();
632 blobData->appendData(rawData.release(), 0, BlobDataItem::toEndOfFile);
633 RefPtrWillBeRawPtr<Blob> blob = Blob::create(BlobDataHandle::create(blobData.release(), size));
634 m_eventQueue->dispatch(MessageEvent::create(blob.release(), SecurityOrigin::create(m_url)->toString()));
638 case BinaryTypeArrayBuffer:
639 RefPtr<ArrayBuffer> arrayBuffer = ArrayBuffer::create(binaryData->data(), binaryData->size());
641 // Failed to allocate an ArrayBuffer. We need to crash the renderer
642 // since there's no way defined in the spec to tell this to the
646 m_eventQueue->dispatch(MessageEvent::create(arrayBuffer.release(), SecurityOrigin::create(m_url)->toString()));
651 void WebSocket::didReceiveMessageError()
653 WTF_LOG(Network, "WebSocket %p didReceiveMessageError()", this);
655 m_eventQueue->dispatch(Event::create(EventTypeNames::error));
658 void WebSocket::didConsumeBufferedAmount(unsigned long consumed)
660 ASSERT(m_bufferedAmount >= consumed);
661 WTF_LOG(Network, "WebSocket %p didConsumeBufferedAmount(%lu)", this, consumed);
662 if (m_state == CLOSED)
664 m_consumedBufferedAmount += consumed;
665 if (!m_bufferedAmountConsumeTimer.isActive())
666 m_bufferedAmountConsumeTimer.startOneShot(0, FROM_HERE);
669 void WebSocket::didStartClosingHandshake()
671 WTF_LOG(Network, "WebSocket %p didStartClosingHandshake()", this);
675 void WebSocket::didClose(ClosingHandshakeCompletionStatus closingHandshakeCompletion, unsigned short code, const String& reason)
677 WTF_LOG(Network, "WebSocket %p didClose()", this);
680 bool hasAllDataConsumed = m_bufferedAmount == m_consumedBufferedAmount;
681 bool wasClean = m_state == CLOSING && hasAllDataConsumed && closingHandshakeCompletion == ClosingHandshakeComplete && code != WebSocketChannel::CloseEventCodeAbnormalClosure;
684 m_eventQueue->dispatch(CloseEvent::create(wasClean, code, reason));
688 size_t WebSocket::getFramingOverhead(size_t payloadSize)
690 static const size_t hybiBaseFramingOverhead = 2; // Every frame has at least two-byte header.
691 static const size_t hybiMaskingKeyLength = 4; // Every frame from client must have masking key.
692 static const size_t minimumPayloadSizeWithTwoByteExtendedPayloadLength = 126;
693 static const size_t minimumPayloadSizeWithEightByteExtendedPayloadLength = 0x10000;
694 size_t overhead = hybiBaseFramingOverhead + hybiMaskingKeyLength;
695 if (payloadSize >= minimumPayloadSizeWithEightByteExtendedPayloadLength)
697 else if (payloadSize >= minimumPayloadSizeWithTwoByteExtendedPayloadLength)
702 void WebSocket::trace(Visitor* visitor)
704 visitor->trace(m_channel);
705 visitor->trace(m_eventQueue);
706 EventTargetWithInlineData::trace(visitor);
709 } // namespace WebCore